Back to Search
Start Over
Kontun: A Framework for recommendation of authentication schemes and methods
- Source :
- Information and Software Technology. 96:27-37
- Publication Year :
- 2018
- Publisher :
- Elsevier BV, 2018.
-
Abstract
- Context There are many techniques for performing authentication, such as text passwords and biometrics. Combining two factors into one technique is known as multi-factor authentication. The lack of a proper method for comparing and selecting these techniques for their implementation in software development processes is observed. Objective The article presents a recommendation Framework proposal for comparing and selecting authentication techniques in a software development process. Method Knowledge from academy is obtained through a systematic literature review and experience from industry is gathered using a survey and interviews. The results of these two techniques are used to generate a Framework proposal, which is validated afterwards, through an expert panel and the case study method. Results A recommendation Framework is generated, which recommends the most appropriate authentication schemes and methods for software applications based on criteria identified in literature and industry, categorized by usability, security and costs, plus the context for which the application is intended. The Framework's validity is ascertained by confirming that its recommendations are on line with those on industry, based in the results from the developed case studies. A tool prototype was created in order to help using the Framework in software development processes. Conclusion The proposed Framework helps to cover the observed gap in literature, helping software developers to compare and select the most appropriate authentication techniques for their applications.
- Subjects :
- Challenge-Handshake Authentication Protocol
021110 strategic, defence & security studies
business.industry
Computer science
0211 other engineering and technologies
020206 networking & telecommunications
02 engineering and technology
Authentication (law)
Computer Science Applications
World Wide Web
Software development process
Generic Bootstrapping Architecture
Authentication protocol
Lightweight Extensible Authentication Protocol
0202 electrical engineering, electronic engineering, information engineering
Challenge–response authentication
Software engineering
business
Software
Data Authentication Algorithm
Information Systems
Subjects
Details
- ISSN :
- 09505849
- Volume :
- 96
- Database :
- OpenAIRE
- Journal :
- Information and Software Technology
- Accession number :
- edsair.doi...........1d722764bbbef82bb098fd6f3f52e0d5
- Full Text :
- https://doi.org/10.1016/j.infsof.2017.11.004